Description
Job Overview
We are seeking a skilled Cybersecurity Detection Engineer to join our Information Technology Security Office (ITSO) Security Operations Center (SOC). The ideal candidate will blend technical skills, threat research experience, and knowledge of adversary techniques to enhance our cybersecurity defenses.
Key Responsibilities
- Create high-fidelity, actionable alerts using new and existing data sources for quick and effective threat identification, analysis, and eradication
- Identify opportunities to improve the effectiveness of existing detection efforts
- Develop methodologies to maintain and maximize the integrity and effectiveness of existing alerting
- Create, periodically review, test, and validate custom detection content
- Leverage cybersecurity threat intelligence to defend against real-world threats
- Collaborate with the SOC’s incident response teams to meet operational needs
- Stay familiar with adversary Tactics, Techniques, and Procedures (TTPs)
Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field plus 8 years of professional experience (4 additional years of professional experience in lieu of degree)
- At least one of the following certifications:
- Splunk Enterprise Security Certified Admin credential
- Passed AZ-500 Microsoft Azure Security Technologies exam
- Minimum 3 years of experience in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel
- Experience with adding, updating, and deleting detection rules in Splunk Enterprise Security and Microsoft Sentinel
- Proficiency in detection engineering methodologies, including SNORT and YARA rules
- Proficiency in Python programming, Bash, and PowerShell
- Proficiency in Splunk’s Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM)
- Knowledge and experience in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations
- Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers, and Endpoint Detection and Response (EDR)
- Knowledge of Windows Sysinternal Suite (including Sysmon), Unix auditd, and how to tune configuration files for identification of malicious activity
Required Skills
- Strong analytical and problem-solving skills
- Excellent communication and collaboration abilities
- Ability to work in a fast-paced environment and handle multiple priorities
- Continuous learning mindset to stay updated on the latest cybersecurity trends and threats
This position is contingent on contract award.
Other Jobs from Hunter Strategy
Project Manager III
Remote
US
Front Office Project Manager
Remote
US
Cybersecurity Data Scientist
Remote
US
Cybersecurity Data Analyst
Remote
US
Similar Jobs
Senior Systems Travel Engineer - Esports Event Technology
Berlin, Germany
Senior DevOps Developer (GCS)
Toronto, Ontario
Canada
Senior DevOps Developer (GCS)
Toronto, Ontario
Canada
Quality and Reliability System Engineer
San Jose, CA
Costa Rica
Sr. Network Engineer
Manila, Philippines
Engineering Manager, DevOps
Remote
Hungary
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 401 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say